Merge pull request #7614 from magento-amigos/2.4-develop-prs

[Amigos] Community Contributions - 2.4-develop

.github/ISSUE_TEMPLATE/bug_report.yaml

@@ -0,0 +1,72 @@
+name: Bug report
+description: Technical issue with the Magento 2 core components
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Please read [our guidelines](https://developer.adobe.com/commerce/contributor/guides/code-contributions/#report-an-issue) before submitting the issue.
+  - type: textarea
+    attributes:
+      label: Preconditions and environment
+      description: |
+        Describe your environment.
+        Provide all the details that will help us to reproduce the bug.
+      value: |
+        - Magento version
+        - Anything else that would help a developer reproduce the bug
+  - type: textarea
+    attributes:
+      label: Steps to reproduce
+      description: |
+        Provide a set of clear steps to reproduce this bug.
+      placeholder: |
+        Example:
+          1. Navigate to storefront as a guest.
+          2. Open Test Category.
+          3. Click “Add to Cart” on the Virtual Product.
+          4. Open mini shopping cart and click “Proceed to Checkout”.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Expected result
+      description: |
+        Tell us what you expected to happen.
+      placeholder: |
+        Example:
+          Order is placed successfully, customer is redirected to the success page.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Actual result
+      description: |
+        Tell us what happened. Include error messages and issues.
+      placeholder: |
+        Example:
+          “Place order” button is not visible, order cannot be placed.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Additional information
+      description: |
+        Additional information is often requested when the bug report is processed. You can save time by providing both Magento and browser logs, screenshots, repository branch and HEAD commit you checked out to install Magento and any other artifacts related to the issue.
+        Also, links to the comments with important information, Root Cause analysis, additional video recordings; and anything else that is important for the issue and at some reason cannot be added to other sections.
+  - type: textarea
+    attributes:
+      label: Release note
+      description: |
+        Help us to provide meaningful release notes to the community.
+  - type: checkboxes
+    attributes:
+      label: Triage and priority
+      description: |
+        Provide [Severity](https://developer.adobe.com/commerce/contributor/guides/code-contributions/#community-backlog-priority) assessment for the Issue as a Reporter.
+        This information helps us during the Confirmation and Issue triage processes.
+      options:
+        - label: 'Severity: **S0** _- Affects critical data or functionality and leaves users without workaround._'
+        - label: 'Severity: **S1** _- Affects critical data or functionality and forces users to employ a workaround._'
+        - label: 'Severity: **S2** _- Affects non-critical data or functionality and forces users to employ a workaround._'
+        - label: 'Severity: **S3** _- Affects non-critical data or functionality and does not force users to employ a workaround._'
+        - label: 'Severity: **S4** _- Affects aesthetics, professional look and feel, “quality” or “usability”._'

SECURITY.md

@@ -4,7 +4,7 @@ Magento values the contributions of the security research community, and we look
 
 ## Where should I report security issues?
 
-We strongly encourage you to report all security issues privately via our [bug bounty program](https://hackerone.com/magento).  Please provide us with relevant technical details and repro steps to expedite our investigation.  If you prefer not to use HackerOne, email us directly at `psirt@adobe.com` with details and repro steps.  
+We strongly encourage you to report all security issues privately via our [bug bounty program](https://hackerone.com/adobe).  Please provide us with relevant technical details and repro steps to expedite our investigation.  If you prefer not to use HackerOne, email us directly at `psirt@adobe.com` with details and repro steps.  
 
 ## Learning More About Security
 To learn more about securing a Magento store, please visit the [Security Center](https://magento.com/security).

app/code/Magento/Catalog/Test/Mftf/Data/ImageContentData.xml

@@ -43,4 +43,8 @@
     <entity name="MagentoPlaceHolderImageContent" type="ImageContent">
         <data key="baseImage_md5">c0459a796c5b8ee74254472c235a7460</data>
     </entity>
+    <entity name="TestImageWithDotInFilenameImageContent" extends="MagentoLogoImageContent" type="ImageContent">
+        <data key="baseImage_md5">4aa2a3c3eefd29898585a8dd781e5bfd</data>
+        <data key="name" unique="prefix">m.agento-logo.png</data>
+    </entity>
 </entities>

app/code/Magento/Catalog/Test/Mftf/Data/ProductData.xml

@@ -431,6 +431,11 @@
         <data key="file">test_image.jpg</data>
         <data key="filename">test_image</data>
     </entity>
+    <entity name="TestImageWithDotInFilename" extends="MagentoLogo" type="image">
+        <data key="title" unique="suffix">TestImageWithDotInFilename</data>
+        <data key="file">m.agento-logo.png</data>
+        <data key="filename">m.agento-logo</data>
+    </entity>
     <entity name="ProductWithUnicode" type="product">
         <data key="name" unique="suffix">&#38657;&#20135;&#21697;</data>
         <data key="sku" unique="suffix">&#38657;&#20135;&#21697;</data>

app/code/Magento/Catalog/Test/Mftf/Test/StorefrontProductImageWithDotTest.xml

@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<tests xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/testSchema.xsd">
+    <test name="StorefrontProductImageWithDotTest">
+        <annotations>
+            <features value="Catalog"/>
+            <stories value="Product Image"/>
+            <title value="Product image with dot in filename should be visible on frontend after catalog image cache flush"/>
+            <description value="Product image with dot in filename should be visible on frontend after catalog image cache flush"/>
+            <group value="Catalog"/>
+            <severity value="AVERAGE"/>
+        </annotations>
+        <before>
+            <magentoCLI command="config:set system/upload_configuration/enable_resize 0" stepKey="disableImageResizing"/>
+            <actionGroup ref="AdminLoginActionGroup" stepKey="loginAsAdmin"/>
+        </before>
+        <after>
+            <magentoCLI command="config:set system/upload_configuration/enable_resize 1" stepKey="enableImageResizing"/>
+            <actionGroup ref="DeleteProductBySkuActionGroup" stepKey="deleteProduct">
+                <argument name="sku" value="{{SimpleProduct.sku}}"/>
+            </actionGroup>
+            <actionGroup ref="ClearFiltersAdminDataGridActionGroup" stepKey="clearFilter"/>
+            <actionGroup ref="AdminLogoutActionGroup" stepKey="logoutAsAdmin"/>
+        </after>
+
+        <!--Create product-->
+        <actionGroup ref="AdminOpenNewProductFormPageActionGroup" stepKey="openNewProductPage"/>
+        <actionGroup ref="FillMainProductFormActionGroup" stepKey="fillSimpleProductMain">
+            <argument name="product" value="SimpleProduct"/>
+        </actionGroup>
+
+        <!-- Add image to product -->
+        <actionGroup ref="AddProductImageActionGroup" stepKey="addImageForSimpleProduct">
+            <argument name="image" value="TestImageWithDotInFilename"/>
+        </actionGroup>
+        <actionGroup ref="SaveProductFormActionGroup" stepKey="saveSimpleProduct"/>
+
+        <!-- Flush catalog image cache -->
+        <actionGroup ref="AdminGoToCacheManagementPageActionGroup" stepKey="goToCacheManagementPage"/>
+        <actionGroup ref="AdminClickFlushCatalogImagesCacheActionGroup" stepKey="clearCatalogImageCache"/>
+
+        <!-- Assert product in storefront product page -->
+        <actionGroup ref="AssertProductNameAndSkuInStorefrontProductPageActionGroup" stepKey="assertProductInStorefrontProductPage">
+            <argument name="product" value="SimpleProduct"/>
+        </actionGroup>
+
+        <!-- Assert product image in storefront product page -->
+        <grabAttributeFrom userInput="src" selector="{{StorefrontProductMediaSection.imageFile(TestImageWithDotInFilename.filename)}}" stepKey="productImageURL"/>
+        <helper class="Magento\Backend\Test\Mftf\Helper\CurlHelpers" method="assertImageContentIsEqual" stepKey="assertProductImageEqualToOriginalImage">
+            <argument name="url">{$productImageURL}</argument>
+            <argument name="expectedString">{{TestImageWithDotInFilenameImageContent.baseImage_md5}}</argument>
+            <argument name="message">Url: "{$productImageURL}" did not render image: {{TestImageWithDotInFilename.file}}</argument>
+        </helper>
+    </test>
+</tests>

app/code/Magento/MediaStorage/App/Media.php

@@ -259,7 +259,7 @@ private function setPlaceholderImage(): void
      */
     private function getOriginalImage(string $resizedImagePath): string
     {
-        return preg_replace('|^.*?((?:/([^/])/([^/])/\2\3)?/?[^/]+$)|', '$1', $resizedImagePath);
+        return preg_replace('|^.*((?:/[^/]+){3})$|', '$1', $resizedImagePath);
     }
 
     /**

app/code/Magento/MediaStorage/Model/File/Validator/Image.php

@@ -9,6 +9,7 @@
 
 use Magento\Framework\File\Mime;
 use Magento\Framework\Filesystem\Driver\File;
+use Magento\Framework\Image\Factory;
 
 /**
  * Image validator
@@ -33,20 +34,28 @@ class Image extends \Zend_Validate_Abstract
      */
     private $fileMime;
 
+    /**
+     * @var Factory
+     */
+    private $imageFactory;
+
     /**
      * @var File
      */
     private $file;
 
     /**
      * @param Mime $fileMime
+     * @param Factory $imageFactory
      * @param File $file
      */
     public function __construct(
         Mime $fileMime,
+        Factory $imageFactory,
         File $file
     ) {
         $this->fileMime = $fileMime;
+        $this->imageFactory = $imageFactory;
         $this->file = $file;
     }
 
@@ -60,10 +69,8 @@ public function isValid($filePath): bool
 
         if (in_array($fileMimeType, $this->imageMimeTypes)) {
             try {
-                //phpcs:ignore Magento2.Functions.DiscouragedFunction
-                $image = imagecreatefromstring($this->file->fileGetContents($filePath));
-
-                $isValid = $image ? true : false;
+                $image = $this->imageFactory->create($filePath);
+                $image->open();
             } catch (\Exception $e) {
                 $isValid = false;
             }

app/code/Magento/PaypalGraphQl/Model/Resolver/PaypalExpressToken.php

@@ -83,7 +83,7 @@ public function resolve(
     ) {
         $cartId = $args['input']['cart_id'] ?? '';
         $paymentCode = $args['input']['code'] ?? '';
-        $usePaypalCredit = isset($args['input']['paypal_credit']) ? $args['input']['paypal_credit'] : false;
+        $usePaypalCredit = isset($args['input']['use_paypal_credit']) ? $args['input']['use_paypal_credit'] : false;
         $usedExpressButton = isset($args['input']['express_button']) ? $args['input']['express_button'] : false;
         $customerId = $context->getUserId();
 

app/code/Magento/Ups/Model/Carrier.php

@@ -1461,7 +1461,7 @@ protected function _formShipmentRequest(DataObject $request)
             $shipperPart->addChild('PhoneNumber', $request->getRecipientContactPhoneNumber());
 
             $addressPart = $shipperPart->addChild('Address');
-            $addressPart->addChild('AddressLine1', $request->getRecipientAddressStreet());
+            $addressPart->addChild('AddressLine1', $request->getRecipientAddressStreet1());
             $addressPart->addChild('AddressLine2', $request->getRecipientAddressStreet2());
             $addressPart->addChild('City', $request->getRecipientAddressCity());
             $addressPart->addChild('CountryCode', $request->getRecipientAddressCountryCode());

lib/internal/Magento/Framework/Image/Adapter/ImageMagick.php

@@ -104,7 +104,15 @@ public function open($filename)
         $this->_getFileAttributes();
 
         try {
-            $this->_imageHandler = new \Imagick($this->_fileName);
+            if (is_callable('exif_imagetype')) {
+                $fileType = exif_imagetype($this->_fileName);
+
+                if ($fileType === IMAGETYPE_ICO) {
+                    $filename = 'ico:' . $this->_fileName;
+                }
+            }
+
+            $this->_imageHandler = new \Imagick($filename);
         } catch (\ImagickException $e) {
             //phpcs:ignore Magento2.Exceptions.DirectThrow
             throw new LocalizedException(

lib/web/mage/mage.js

@@ -85,7 +85,7 @@ define([
     /**
      * Init components inside of dynamically updated elements
      */
-    $('body').on('contentUpdated', function () {
+    $(document).on('contentUpdated', 'body', function () {
         if (mage) {
             mage.apply();
         }

nginx.conf.sample

@@ -242,6 +242,6 @@ gzip_types
 gzip_vary on;
 
 # Banned locations (only reached if the earlier PHP entry point regexes don't match)
-location ~* (\.php$|\.phtml$|\.htaccess$|\.git) {
+location ~* (\.php$|\.phtml$|\.htaccess$|\.htpasswd$|\.git) {
     deny all;
 }